Willkommen, Gast
Benutzername: Passwort: Angemeldet bleiben:

THEMA: OpenLDAP auth plugin

OpenLDAP auth plugin 1 Jahr 2 Monate her #97929

  • ulysse68
  • ulysse68s Avatar
  • OFFLINE
  • Junior Lime
  • Beiträge: 37
  • Dank erhalten: 2
  • Karma: 0
Hi all!

As many others, I am very interested in another way of authentication to the admin section of LS, via a LDAP server. The new AuthLDAP core plugin (I am using the 2.05b4 version) doesn't work in my case. After some time, I finally managed to make it work with my OpenLDAPv3 server, so I share this new plugin here :) -- sorry I am not familiar with git.

More work is required to improve this plugin: I would like to add the user in the LS database if it doesn't exist, rather than reject user/password (like for example the phpBB LDAP authentication method). Another idea would be to support more types of LDAP servers (including ldaps, which is not the case with my plugin). If you want to help developing, be welcome!
Der Administrator hat öffentliche Schreibrechte deaktiviert.

OpenLDAP auth plugin 1 Jahr 2 Monate her #97930

  • ulysse68
  • ulysse68s Avatar
  • OFFLINE
  • Junior Lime
  • Beiträge: 37
  • Dank erhalten: 2
  • Karma: 0
Mmh... *.php attachement didn't work ? :(
Der Administrator hat öffentliche Schreibrechte deaktiviert.

OpenLDAP auth plugin 1 Jahr 2 Monate her #97931

  • mdekker
  • mdekkers Avatar
  • OFFLINE
  • LimeSurvey Team
  • Beiträge: 341
  • Dank erhalten: 68
  • Karma: 38
Please open a ticket in the bug tracker for this and attach your file there. That way we can try to incorporate your changes in the 2.05 release.

It would be really helpful if you could make the changes using git, but file upload would be ok too in this case.
---
Menno Dekker
Der Administrator hat öffentliche Schreibrechte deaktiviert.
Folgende Benutzer bedankten sich: ulysse68

OpenLDAP auth plugin 1 Jahr 2 Monate her #97932

  • ulysse68
  • ulysse68s Avatar
  • OFFLINE
  • Junior Lime
  • Beiträge: 37
  • Dank erhalten: 2
  • Karma: 0
OK, tried to use git: I forked the repo, made the changes and pushed back my plugin. You should see it here:
github.com/ulysse68/LimeSurvey/tree/2.05/plugins/AuthOpenLDAP
(tell me if it isn't public)
Der Administrator hat öffentliche Schreibrechte deaktiviert.
Folgende Benutzer bedankten sich: DenisChenu

OpenLDAP auth plugin 1 Jahr 2 Monate her #97938

  • DenisChenu
  • DenisChenus Avatar
  • OFFLINE
  • Moderator Lime
  • Beiträge: 6314
  • Dank erhalten: 810
  • Karma: 242
Great thanks.

Did you find why LDAP don't work with OpenLdap ? Token LDAP import work fine with OpenLdap

Denis
PS: thanks again.
Der Administrator hat öffentliche Schreibrechte deaktiviert.

OpenLDAP auth plugin 1 Jahr 2 Monate her #97944

  • ulysse68
  • ulysse68s Avatar
  • OFFLINE
  • Junior Lime
  • Beiträge: 37
  • Dank erhalten: 2
  • Karma: 0
> Did you find why LDAP don't work with OpenLdap ?

Unlike other LDAP configurations (phpBB, ownCloud for the last ones I tried), only 2 fields are asked in the AuthLDAP core plugin: server name and username. Where can I specify:
- the version of LDAP (v2 or v3); I had to specify v3 in order to make it work
- if it is secured or not (might be useful in the future for me)
- the O.U. where my users are stored (in my case: ou=people)
- which attribute contains the username (in my case: "uid", but could be "mail")

My OpenLDAP server (LDAP.mydomain.com) was obviously waiting for a user string like "uid=myusername,ou=people,dc=mydomain,dc=com", and I also had to specify that it was LDAPv3.

But my understanding of LDAP is very limited ;)
Der Administrator hat öffentliche Schreibrechte deaktiviert.
Moderatoren: ITEd
Ladezeit der Seite: 0.135 Sekunden
Donation Image